From 576b0d84e83874b6b8e066ddf8c8e8ac40d7a4d1 Mon Sep 17 00:00:00 2001 From: Pavol Mederly <mederly@evolveum.com> Date: Tue, 25 Sep 2018 16:35:30 +0200 Subject: [PATCH 01/17] Fix build scripts; download stable version On this branch we will download the latest stable TIER-capable version of midPoint. --- midpoint/README.md | 2 +- midpoint/build.sh | 2 +- midpoint/download-midpoint | 2 +- 3 files changed, 3 insertions(+), 3 deletions(-) diff --git a/midpoint/README.md b/midpoint/README.md index 511f0a6..bd1cfd4 100644 --- a/midpoint/README.md +++ b/midpoint/README.md @@ -3,7 +3,7 @@ This is a midPoint dockerization for TIER environment. It is a work in progress. # Building and execution ``` $ ./build.sh -$ docker-compose up +$ docker-compose up --build ``` Please see a detailed description [here](https://spaces.at.internet2.edu/display/MID/Dockerized+midPoint). diff --git a/midpoint/build.sh b/midpoint/build.sh index 760eea6..0463d37 100755 --- a/midpoint/build.sh +++ b/midpoint/build.sh @@ -26,7 +26,7 @@ echo "" echo "(for standalone execution)" echo "" echo "$ cd" `pwd` -echo "$ docker-compose up" +echo "$ docker-compose up --build" echo "" echo "(for complex demo)" echo "" diff --git a/midpoint/download-midpoint b/midpoint/download-midpoint index 50a2b2a..aa771d8 100755 --- a/midpoint/download-midpoint +++ b/midpoint/download-midpoint @@ -3,7 +3,7 @@ dir=`dirname "$0"` echo "Downloading midPoint 3.9-SNAPSHOT" echo "-----------------------------------------" -curl --output $dir/midpoint-server/midpoint-3.9-SNAPSHOT-dist.tar.gz "https://evolveum.com/downloads/midpoint-tier/midpoint-3.9-SNAPSHOT-dist.tar.gz" +curl --output $dir/midpoint-server/midpoint-3.9-SNAPSHOT-dist.tar.gz "https://evolveum.com/downloads/midpoint-tier/midpoint-3.9-SNAPSHOT-0.5-dist.tar.gz" echo "-----------------------------------------" echo "Checking the download..." if tar -tf $dir/midpoint-server/midpoint-3.9-SNAPSHOT-dist.tar.gz >/dev/null; then 
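Review bot: The tarball fetched by the `curl` line in `download-midpoint` is never authenticated; the only check that follows is `tar -tf`, which shows the archive is readable, not that it is the file the vendor published. Add `--fail` so an HTTP error page is not saved as the archive, quote `"$dir"`, and compare the download with a pinned digest, e.g. `echo "<expected-sha256>  $dir/midpoint-server/midpoint-3.9-SNAPSHOT-dist.tar.gz" | sha256sum -c -`. The same applies to the hunk in PATCH 05/17, where the URL moves to the floating `-stable-` artifact, so the downloaded content can change without any change in this repository. The script continues outside the hunk.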
From eee27326be2857b62000dd0352c65a45d48e7bef Mon Sep 17 00:00:00 2001 From: skublik <lukas.skublik@evolveum.com> Date: Wed, 26 Sep 2018 19:55:18 +0000 Subject: [PATCH 02/17] seting UTC timezone and fixed grouper version --- demo/complex/grouper-daemon/Dockerfile | 2 +- demo/complex/grouper-data/Dockerfile | 2 +- demo/complex/grouper-ui/Dockerfile | 2 +- demo/complex/grouper-ws/Dockerfile | 9 - .../grouper-ws/container_files/server.xml | 180 ------------------ .../container_files/tomcat-users.xml | 46 ----- .../grouper-ws/container_files/web.xml | 128 ------------- demo/complex/gsh/Dockerfile | 5 - midpoint/midpoint-server/Dockerfile | 3 + 9 files changed, 6 insertions(+), 371 deletions(-) delete mode 100644 demo/complex/grouper-ws/Dockerfile delete mode 100644 demo/complex/grouper-ws/container_files/server.xml delete mode 100644 demo/complex/grouper-ws/container_files/tomcat-users.xml delete mode 100644 demo/complex/grouper-ws/container_files/web.xml delete mode 100644 demo/complex/gsh/Dockerfile diff --git a/demo/complex/grouper-daemon/Dockerfile b/demo/complex/grouper-daemon/Dockerfile index 04016b9..289c1a2 100644 --- a/demo/complex/grouper-daemon/Dockerfile +++ b/demo/complex/grouper-daemon/Dockerfile @@ -1,4 +1,4 @@ -FROM tier/grouper:latest +FROM tier/grouper:2.3.0-a109-u47-w12-p21 LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" diff --git a/demo/complex/grouper-data/Dockerfile b/demo/complex/grouper-data/Dockerfile index 9ceedec..a87330c 100644 --- a/demo/complex/grouper-data/Dockerfile +++ b/demo/complex/grouper-data/Dockerfile @@ -1,4 +1,4 @@ -FROM tier/grouper:latest +FROM tier/grouper:2.3.0-a109-u47-w12-p21 LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" diff --git a/demo/complex/grouper-ui/Dockerfile b/demo/complex/grouper-ui/Dockerfile index 965cd6f..a1cce4f 100644 --- a/demo/complex/grouper-ui/Dockerfile +++ b/demo/complex/grouper-ui/Dockerfile 
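Review bot: `FROM tier/grouper:2.3.0-a109-u47-w12-p21` fixes the version only as long as nobody re-pushes that tag, because a registry tag is a mutable pointer. Appending the image digest, `FROM tier/grouper:2.3.0-a109-u47-w12-p21@sha256:<digest-of-the-reviewed-image>`, makes the build fail instead of silently picking up different content. The same line is changed in the grouper-data and grouper-ui Dockerfiles of this patch.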
@@ -1,4 +1,4 @@ -FROM tier/grouper:latest +FROM tier/grouper:2.3.0-a109-u47-w12-p21 LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" diff --git a/demo/complex/grouper-ws/Dockerfile b/demo/complex/grouper-ws/Dockerfile deleted file mode 100644 index f5c06b9..0000000 --- a/demo/complex/grouper-ws/Dockerfile +++ /dev/null @@ -1,9 +0,0 @@ -FROM tier/grouper:latest - -LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" - -COPY container_files/web.xml /opt/grouper/grouper.ws/WEB-INF/ -COPY container_files/tomcat-users.xml /opt/tomcat/conf/ -COPY container_files/server.xml /opt/tomcat/conf/ - -CMD ["ws"] diff --git a/demo/complex/grouper-ws/container_files/server.xml b/demo/complex/grouper-ws/container_files/server.xml deleted file mode 100644 index 20edd02..0000000 --- a/demo/complex/grouper-ws/container_files/server.xml +++ /dev/null 
@@ -1,180 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one or more - contributor license agreements. See the NOTICE file distributed with - this work for additional information regarding copyright ownership. - The ASF licenses this file to You under the Apache License, Version 2.0 - (the "License"); you may not use this file except in compliance with - the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. ---> -<!-- Note: A "Server" is not itself a "Container", so you may not - define subcomponents such as "Valves" at this level. - Documentation at /docs/config/server.html - --> -<Server port="8005" shutdown="SHUTDOWN"> - <Listener className="org.apache.catalina.startup.VersionLoggerListener" /> - <!-- Security listener. Documentation at /docs/config/listeners.html - <Listener className="org.apache.catalina.security.SecurityListener" /> - --> - <!--APR library loader. 
Documentation at /docs/apr.html --> - <Listener className="org.apache.catalina.core.AprLifecycleListener" SSLEngine="on" /> - <!-- Prevent memory leaks due to use of particular java/javax APIs--> - <Listener className="org.apache.catalina.core.JreMemoryLeakPreventionListener" /> - <Listener className="org.apache.catalina.mbeans.GlobalResourcesLifecycleListener" /> - <Listener className="org.apache.catalina.core.ThreadLocalLeakPreventionListener" /> - - <!-- Global JNDI resources - Documentation at /docs/jndi-resources-howto.html - --> - <GlobalNamingResources> - <!-- Editable user database that can also be used by - UserDatabaseRealm to authenticate users - --> - <Resource name="UserDatabase" auth="Container" - type="org.apache.catalina.UserDatabase" - description="User database that can be updated and saved" - factory="org.apache.catalina.users.MemoryUserDatabaseFactory" - pathname="conf/tomcat-users.xml" /> - </GlobalNamingResources> - - <!-- A "Service" is a collection of one or more "Connectors" that share - a single "Container" Note: A "Service" is not itself a "Container", - so you may not define subcomponents such as "Valves" at this level. - Documentation at /docs/config/service.html - --> - <Service name="Catalina"> - - <!--The connectors can use a shared executor, you can define one or more named thread pools--> - <!-- - <Executor name="tomcatThreadPool" namePrefix="catalina-exec-" - maxThreads="150" minSpareThreads="4"/> - --> - - - <!-- A "Connector" represents an endpoint by which requests are received - and responses are returned. 
Documentation at : - Java HTTP Connector: /docs/config/http.html - Java AJP Connector: /docs/config/ajp.html - APR (HTTP/AJP) Connector: /docs/apr.html - Define a non-SSL/TLS HTTP/1.1 Connector on port 8080 - --> - <Connector port="8080" protocol="HTTP/1.1" URIEncoding="UTF-8" - connectionTimeout="20000" - redirectPort="8443" /> - <!-- A "Connector" using the shared thread pool--> - <!-- - <Connector executor="tomcatThreadPool" - port="8080" protocol="HTTP/1.1" - connectionTimeout="20000" - redirectPort="8443" /> - --> - <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 - This connector uses the NIO implementation. The default - SSLImplementation will depend on the presence of the APR/native - library and the useOpenSSL attribute of the - AprLifecycleListener. - Either JSSE or OpenSSL style configuration may be used regardless of - the SSLImplementation selected. JSSE style configuration is used below. - --> - <!-- - <Connector port="8443" protocol="org.apache.coyote.http11.Http11NioProtocol" - maxThreads="150" SSLEnabled="true"> - <SSLHostConfig> - <Certificate certificateKeystoreFile="conf/localhost-rsa.jks" - type="RSA" /> - </SSLHostConfig> - </Connector> - --> - <!-- Define a SSL/TLS HTTP/1.1 Connector on port 8443 with HTTP/2 - This connector uses the APR/native implementation which always uses - OpenSSL for TLS. - Either JSSE or OpenSSL style configuration may be used. OpenSSL style - configuration is used below. 
- --> - <!-- - <Connector port="8443" protocol="org.apache.coyote.http11.Http11AprProtocol" - maxThreads="150" SSLEnabled="true" > - <UpgradeProtocol className="org.apache.coyote.http2.Http2Protocol" /> - <SSLHostConfig> - <Certificate certificateKeyFile="conf/localhost-rsa-key.pem" - certificateFile="conf/localhost-rsa-cert.pem" - certificateChainFile="conf/localhost-rsa-chain.pem" - type="RSA" /> - </SSLHostConfig> - </Connector> - --> - - <!-- Define an AJP 1.3 Connector on port 8009 --> - <Connector port="8009" protocol="AJP/1.3" redirectPort="8443" URIEncoding="UTF-8" /> - - - <!-- An Engine represents the entry point (within Catalina) that processes - every request. The Engine implementation for Tomcat stand alone - analyzes the HTTP headers included with the request, and passes them - on to the appropriate Host (virtual host). - Documentation at /docs/config/engine.html --> - - <!-- You should set jvmRoute to support load-balancing via AJP ie : - <Engine name="Catalina" defaultHost="localhost" jvmRoute="jvm1"> - --> - <Engine name="Catalina" defaultHost="localhost"> - - <!--For clustering, please take a look at documentation at: - /docs/cluster-howto.html (simple how to) - /docs/config/cluster.html (reference documentation) --> - <!-- - <Cluster className="org.apache.catalina.ha.tcp.SimpleTcpCluster"/> - --> - - <!-- Use the LockOutRealm to prevent attempts to guess user passwords - via a brute-force attack --> - <Realm className="org.apache.catalina.realm.LockOutRealm"> - <!-- This Realm uses the UserDatabase configured in the global JNDI - resources under the key "UserDatabase". Any edits - that are performed against this UserDatabase are immediately - available for use by the Realm. 
--> - <Realm className="org.apache.catalina.realm.UserDatabaseRealm" - resourceName="UserDatabase"/> <!-- we can log in with tomcat-users.xml accounts --> - - <Realm className="org.apache.catalina.realm.JNDIRealm" - connectionURL="ldap://g-data" - userBase="ou=people,dc=internet2,dc=edu" - userSearch="(uid={0})" - userSubtree="true" - connectionName="cn=admin,dc=internet2,dc=edu" - connectionPassword="password" - allRolesMode="authOnly" /> <!-- Or we can log in with ldap accounts --> - </Realm> - - <!-- Define the default virtual host - Note: XML Schema validation will not work with Xerces 2.2. - --> - - <Host name="localhost" appBase="webapps" - unpackWARs="true" autoDeploy="true"> - - <!-- SingleSignOn valve, share authentication between web applications - Documentation at: /docs/config/valve.html --> - <!-- - <Valve className="org.apache.catalina.authenticator.SingleSignOn" /> - --> - - <!-- Access log processes all example. - Documentation at: /docs/config/valve.html - Note: The pattern used is equivalent to using pattern="common" --> - <Valve className="org.apache.catalina.valves.AccessLogValve" directory="logs" - prefix="localhost_access_log" suffix=".txt" - pattern="%h %l %u %t "%r" %s %b" /> - - </Host> - </Engine> - </Service> -</Server> diff --git a/demo/complex/grouper-ws/container_files/tomcat-users.xml b/demo/complex/grouper-ws/container_files/tomcat-users.xml deleted file mode 100644 index f5d6945..0000000 --- a/demo/complex/grouper-ws/container_files/tomcat-users.xml +++ /dev/null 
@@ -1,46 +0,0 @@ -<?xml version="1.0" encoding="UTF-8"?> -<!-- - Licensed to the Apache Software Foundation (ASF) under one or more - contributor license agreements. See the NOTICE file distributed with - this work for additional information regarding copyright ownership. - The ASF licenses this file to You under the Apache License, Version 2.0 - (the "License"); you may not use this file except in compliance with - the License. You may obtain a copy of the License at - - http://www.apache.org/licenses/LICENSE-2.0 - - Unless required by applicable law or agreed to in writing, software - distributed under the License is distributed on an "AS IS" BASIS, - WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. - See the License for the specific language governing permissions and - limitations under the License. ---> -<tomcat-users xmlns="http://tomcat.apache.org/xml" - xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" - xsi:schemaLocation="http://tomcat.apache.org/xml tomcat-users.xsd" - version="1.0"> -<role rolename="grouper_user"/> -<user username="banderson" password="password1" roles="grouper_user"/> -<!-- - NOTE: By default, no user is included in the "manager-gui" role required - to operate the "/manager/html" web application. If you wish to use this app, - you must define such a user - the username and password are arbitrary. It is - strongly recommended that you do NOT use one of the users in the commented out - section below since they are intended for use with the examples web - application. ---> -<!-- - NOTE: The sample user and role entries below are intended for use with the - examples web application. They are wrapped in a comment and thus are ignored - when reading this file. If you wish to configure these users for use with the - examples web application, do not forget to remove the <!.. ..> that surrounds - them. You will also need to set the passwords to something appropriate. 
---> -<!-- - <role rolename="tomcat"/> - <role rolename="role1"/> - <user username="tomcat" password="<must-be-changed>" roles="tomcat"/> - <user username="both" password="<must-be-changed>" roles="tomcat,role1"/> - <user username="role1" password="<must-be-changed>" roles="role1"/> ---> -</tomcat-users> \ No newline at end of file diff --git a/demo/complex/grouper-ws/container_files/web.xml b/demo/complex/grouper-ws/container_files/web.xml deleted file mode 100644 index 03d3deb..0000000 --- a/demo/complex/grouper-ws/container_files/web.xml +++ /dev/null 
@@ -1,128 +0,0 @@ -<?xml version="1.0" encoding="ISO-8859-1"?> - - -<!DOCTYPE web-app PUBLIC - "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" - "http://java.sun.com/dtd/web-app_2_3.dtd"> - -<web-app> - <filter> - <!-- keeps the request and response in threadlocal so they dont have to be passed around --> - <filter-name>Grouper service filter</filter-name> - <filter-class>edu.internet2.middleware.grouper.ws.GrouperServiceJ2ee</filter-class> - </filter> - - <filter> - <!-- logging filter --> - <filter-name>Grouper logging filter</filter-name> - <filter-class>edu.internet2.middleware.grouper.ws.j2ee.ServletFilterLogger</filter-class> - </filter> - - <!-- filter-mapping> - <filter-name>Grouper logging filter</filter-name> - <url-pattern>/*</url-pattern> - </filter-mapping --> - <!-- Map the filter to a Servlet or URL --> - <filter-mapping> - <filter-name>Grouper service filter</filter-name> - <url-pattern>/services/*</url-pattern> - </filter-mapping> - <filter-mapping> - <filter-name>Grouper service filter</filter-name> - <url-pattern>/servicesRest/*</url-pattern> - </filter-mapping> - <servlet> - <servlet-name>AxisServlet</servlet-name> - <display-name>Apache-Axis Servlet</display-name> - <servlet-class>edu.internet2.middleware.grouper.ws.GrouperServiceAxisServlet</servlet-class> - <load-on-startup>1</load-on-startup> - <!-- hint that this is the wssec servlet --> - <!-- init-param> - <param-name>wssec</param-name> - <param-value>true</param-value> - </init-param --> - </servlet> - <servlet> - <servlet-name>RestServlet</servlet-name> - <display-name>WS REST Servlet</display-name> - <servlet-class>edu.internet2.middleware.grouper.ws.rest.GrouperRestServlet</servlet-class> - <load-on-startup>1</load-on-startup> - </servlet> - <servlet> - <servlet-name>StatusServlet</servlet-name> - <display-name>Status Servlet</display-name> - <servlet-class>edu.internet2.middleware.grouper.j2ee.status.GrouperStatusServlet</servlet-class> - <load-on-startup>1</load-on-startup> 
- </servlet> - <servlet-mapping> - <servlet-name>StatusServlet</servlet-name> - <url-pattern>/status</url-pattern> - </servlet-mapping> - <servlet-mapping> - <servlet-name>AxisServlet</servlet-name> - <url-pattern>/services/*</url-pattern> - </servlet-mapping> - <servlet-mapping> - <servlet-name>RestServlet</servlet-name> - <url-pattern>/servicesRest/*</url-pattern> - </servlet-mapping> - - <security-constraint> - <web-resource-collection> - <web-resource-name>Web services</web-resource-name> - <url-pattern>/services/*</url-pattern> - </web-resource-collection> - <auth-constraint> - <role-name>*</role-name> - </auth-constraint> - </security-constraint> - - <security-constraint> - <web-resource-collection> - <web-resource-name>Web services</web-resource-name> - <url-pattern>/servicesRest/*</url-pattern> - </web-resource-collection> - <auth-constraint> - <!-- NOTE: This role is not present in the default users file --> - <role-name>*</role-name> - </auth-constraint> - </security-constraint> - - <!-- Define the Login Configuration for this Application --> - <login-config> - <auth-method>BASIC</auth-method> - <realm-name>Grouper Application</realm-name> - </login-config> - - <!-- Security roles referenced by this web application --> - <security-role> - <description> - The role that is required to log in to web service - </description> - <role-name>*</role-name> - </security-role> - - <session-config> - <session-timeout>1</session-timeout> - </session-config> - <!-- config to enable ESB listener servlet - <servlet> - <servlet-name>EsbServlet</servlet-name> - <display-name>Esb Servlet</display-name> - <servlet-class>edu.internet2.middleware.grouper.esb.EsbHttpHandler</servlet-class> - <load-on-startup>1</load-on-startup> - </servlet> - <servlet-mapping> - <servlet-name>EsbServlet</servlet-name> - <url-pattern>/servicesEsb/*</url-pattern> - </servlet-mapping> - <security-constraint> - <web-resource-collection> - <web-resource-name>Web services</web-resource-name> - 
<url-pattern>/servicesEsb/*</url-pattern> - </web-resource-collection> - <auth-constraint> - <role-name>grouper_user</role-name> - </auth-constraint> - </security-constraint> --> -</web-app> diff --git a/demo/complex/gsh/Dockerfile b/demo/complex/gsh/Dockerfile deleted file mode 100644 index 3302328..0000000 --- a/demo/complex/gsh/Dockerfile +++ /dev/null @@ -1,5 +0,0 @@ -FROM tier/grouper:latest - -MAINTAINER tier-packaging@internet2.edu <tier-packaging@internet2.edu> - -CMD ["gsh"] diff --git a/midpoint/midpoint-server/Dockerfile b/midpoint/midpoint-server/Dockerfile index e1be60b..d28d068 100644 --- a/midpoint/midpoint-server/Dockerfile +++ b/midpoint/midpoint-server/Dockerfile @@ -6,6 +6,9 @@ FROM tier/shibboleth_sp MAINTAINER info@evolveum.com +ENV TZ=UTC +RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone + RUN rpm --import http://repos.azulsystems.com/RPM-GPG-KEY-azulsystems RUN curl -o /etc/yum.repos.d/zulu.repo http://repos.azulsystems.com/rhel/zulu.repo RUN yum -y update From c2a356917f34a0b345e79ca152b399bd3524f925 Mon Sep 17 00:00:00 2001 From: skublik <lukas.skublik@evolveum.com> Date: Thu, 27 Sep 2018 10:24:59 +0000 Subject: [PATCH 03/17] adding of urls without security to apache configuration --- .../httpd/conf/midpoint.conf.auth.shibboleth | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/midpoint/midpoint-server/container_files/httpd/conf/midpoint.conf.auth.shibboleth b/midpoint/midpoint-server/container_files/httpd/conf/midpoint.conf.auth.shibboleth index e827b9f..faef9ae 100644 --- a/midpoint/midpoint-server/container_files/httpd/conf/midpoint.conf.auth.shibboleth +++ b/midpoint/midpoint-server/container_files/httpd/conf/midpoint.conf.auth.shibboleth @@ -5,7 +5,6 @@ ProxyBadHeader Ignore ProxyPass /midpoint ajp://localhost:9090/midpoint timeout=2400 - <Location /midpoint> AuthType shibboleth ShibRequestSetting requireSession 1 
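Review bot: The two context lines directly after the added timezone block in `midpoint/midpoint-server/Dockerfile` fetch the Azul RPM signing key and `zulu.repo` over plain `http://`, so the key that is meant to authenticate the JDK packages can itself be replaced in transit. If the vendor serves these files over TLS, switch both URLs to `https://`; otherwise copy the key into the build context and `rpm --import` the local file after checking its fingerprint. In the added line, quote the expansion: `RUN ln -snf "/usr/share/zoneinfo/$TZ" /etc/localtime && echo "$TZ" > /etc/timezone`. The Dockerfile continues outside the hunk.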
@@ -13,3 +12,10 @@ ProxyPass /midpoint ajp://localhost:9090/midpoint timeout=2400 ShibUseHeaders On require shibboleth </Location> + +<Location ~ "/midpoint/(actuator/health|js/*|css/*|img/*|less/*|fonts/*|model/*|ws/*|rest/*|report/*|wro/*|static-web/*|wicket/resource/*)"> + Satisfy Any + Allow from all + AuthType None + Require all granted +</Location> From b53ba3fa746d21cc077b8800cd6d2ef3ba37c901 Mon Sep 17 00:00:00 2001 From: Pavol Mederly <mederly@evolveum.com> Date: Thu, 27 Sep 2018 12:59:45 +0200 Subject: [PATCH 04/17] Remove timezone setting from containers --- demo/complex/grouper-daemon/Dockerfile | 5 ----- demo/complex/grouper-data/Dockerfile | 5 ----- demo/complex/grouper-ui/Dockerfile | 5 ----- demo/complex/idp/Dockerfile | 5 ----- midpoint/midpoint-server/Dockerfile | 8 -------- 5 files changed, 28 deletions(-) diff --git a/demo/complex/grouper-daemon/Dockerfile b/demo/complex/grouper-daemon/Dockerfile index 289c1a2..55151f3 100644 --- a/demo/complex/grouper-daemon/Dockerfile +++ b/demo/complex/grouper-daemon/Dockerfile @@ -2,9 +2,4 @@ FROM tier/grouper:2.3.0-a109-u47-w12-p21 LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" -# JUST FOR TESTING - REMOVE BEFORE RELEASE -RUN rm /etc/localtime \ - && ln -s /usr/share/zoneinfo/US/Central /etc/localtime \ - && date - CMD ["daemon"] diff --git a/demo/complex/grouper-data/Dockerfile b/demo/complex/grouper-data/Dockerfile index a87330c..dda3442 100644 --- a/demo/complex/grouper-data/Dockerfile +++ b/demo/complex/grouper-data/Dockerfile @@ -37,9 +37,4 @@ RUN (mysqld_safe & ) \ EXPOSE 3306 -# JUST FOR TESTING - REMOVE BEFORE RELEASE -RUN rm /etc/localtime \ - && ln -s /usr/share/zoneinfo/US/Central /etc/localtime \ - && date - CMD mysqld_safe diff --git a/demo/complex/grouper-ui/Dockerfile b/demo/complex/grouper-ui/Dockerfile index a1cce4f..bfec7b9 100644 --- a/demo/complex/grouper-ui/Dockerfile +++ b/demo/complex/grouper-ui/Dockerfile 
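Review bot: The pattern in the new `<Location ~ ...>` block is an unanchored regular expression in which `*` repeats the preceding `/`, not "anything below this directory". As written it exempts any path that merely contains `/midpoint/js`, `/midpoint/rest`, `/midpoint/model` and so on as a substring, which is wider than the listed directories. Anchor it and require the separator: `<Location ~ "^/midpoint/(actuator/health$|(js|css|img|less|fonts|model|ws|rest|report|wro|static-web|wicket/resource)/)">`. `model/`, `ws/`, `rest/` and `report/` look like service endpoints rather than static assets, so please confirm midPoint authenticates them itself. Because the protected block sets `ShibUseHeaders On`, also make sure a client-supplied identity header cannot reach the backend on these paths (e.g. `RequestHeader unset <sso-header>` inside this block). `Satisfy Any` and `Allow from all` are 2.2-style directives; on Apache 2.4 `Require all granted` alone is enough.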
@@ -4,9 +4,4 @@ LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" #COPY in custom css, images, etc -# JUST FOR TESTING - REMOVE BEFORE RELEASE -RUN rm /etc/localtime \ - && ln -s /usr/share/zoneinfo/US/Central /etc/localtime \ - && date - CMD ["ui"] diff --git a/demo/complex/idp/Dockerfile b/demo/complex/idp/Dockerfile index 35eb456..7d0b512 100644 --- a/demo/complex/idp/Dockerfile +++ b/demo/complex/idp/Dockerfile @@ -2,9 +2,4 @@ FROM unicon/shibboleth-idp:latest LABEL author="tier-packaging@internet2.edu <tier-packaging@internet2.edu>" -# JUST FOR TESTING - REMOVE BEFORE RELEASE -RUN rm /etc/localtime \ - && ln -s /usr/share/zoneinfo/US/Central /etc/localtime \ - && date - COPY shibboleth-idp/ /opt/shibboleth-idp/ diff --git a/midpoint/midpoint-server/Dockerfile b/midpoint/midpoint-server/Dockerfile index d28d068..be36460 100644 --- a/midpoint/midpoint-server/Dockerfile +++ b/midpoint/midpoint-server/Dockerfile @@ -6,9 +6,6 @@ FROM tier/shibboleth_sp MAINTAINER info@evolveum.com -ENV TZ=UTC -RUN ln -snf /usr/share/zoneinfo/$TZ /etc/localtime && echo $TZ > /etc/timezone - RUN rpm --import http://repos.azulsystems.com/RPM-GPG-KEY-azulsystems RUN curl -o /etc/yum.repos.d/zulu.repo http://repos.azulsystems.com/rhel/zulu.repo RUN yum -y update @@ -101,11 +98,6 @@ ENV TIER_MAINTAINER=tier # requires MP_VERSION and TIER_xyz variables so we have to execute it here -# JUST FOR TESTING - REMOVE BEFORE RELEASE -RUN rm /etc/localtime \ - && ln -s /usr/share/zoneinfo/US/Central /etc/localtime \ - && date - RUN /opt/tier/setenv.sh CMD ["/usr/local/bin/startup.sh"] From f8300935a966860cfd69b8e98ebcc8f61027660a Mon Sep 17 00:00:00 2001 From: Pavol Mederly <mederly@evolveum.com> Date: Thu, 27 Sep 2018 14:45:21 +0200 Subject: [PATCH 05/17] Make download-midpoint point to 'stable' tgz --- midpoint/download-midpoint | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) 
diff --git a/midpoint/download-midpoint b/midpoint/download-midpoint index aa771d8..3757cc2 100755 --- a/midpoint/download-midpoint +++ b/midpoint/download-midpoint @@ -3,7 +3,7 @@ dir=`dirname "$0"` echo "Downloading midPoint 3.9-SNAPSHOT" echo "-----------------------------------------" -curl --output $dir/midpoint-server/midpoint-3.9-SNAPSHOT-dist.tar.gz "https://evolveum.com/downloads/midpoint-tier/midpoint-3.9-SNAPSHOT-0.5-dist.tar.gz" +curl --output $dir/midpoint-server/midpoint-3.9-SNAPSHOT-dist.tar.gz "https://evolveum.com/downloads/midpoint-tier/midpoint-3.9-SNAPSHOT-stable-dist.tar.gz" echo "-----------------------------------------" echo "Checking the download..." if tar -tf $dir/midpoint-server/midpoint-3.9-SNAPSHOT-dist.tar.gz >/dev/null; then From 7bf150d0990e6b12aed8f050521ae996b7f774b5 Mon Sep 17 00:00:00 2001 From: Pavol Mederly <mederly@evolveum.com> Date: Thu, 4 Oct 2018 10:28:21 +0200 Subject: [PATCH 06/17] Fix tests numbering --- demo/postgresql/tests/main.bats | 2 +- demo/shibboleth/tests/main.bats | 6 +++--- 2 files changed, 4 insertions(+), 4 deletions(-) diff --git a/demo/postgresql/tests/main.bats b/demo/postgresql/tests/main.bats index 5d82e6e..a217a63 100755 --- a/demo/postgresql/tests/main.bats +++ b/demo/postgresql/tests/main.bats @@ -12,7 +12,7 @@ load ../../../library wait_for_midpoint_start postgresql_midpoint_server_1 } -@test "010 Check health" { +@test "020 Check health" { check_health } diff --git a/demo/shibboleth/tests/main.bats b/demo/shibboleth/tests/main.bats index 8244ad0..a14db90 100755 --- a/demo/shibboleth/tests/main.bats +++ b/demo/shibboleth/tests/main.bats 
@@ -63,15 +63,15 @@ load ../../../library env AUTHENTICATION=internal docker-compose up -d } -@test "210 Wait for midPoint to start up" { +@test "220 Wait for midPoint to start up" { wait_for_midpoint_start shibboleth_midpoint_server_1 } -@test "220 Check health" { +@test "230 Check health" { check_health } -@test "230 Check internal login redirection" { +@test "240 Check internal login redirection" { curl -k --write-out %{redirect_url} --silent --output /dev/null https://localhost:8443/midpoint/self/dashboard | grep 'https:\/\/localhost:8443\/midpoint\/login' } From 7594dc399d3684a15dc269f60ffb0c295ffcb504 Mon Sep 17 00:00:00 2001 From: Pavol Mederly <mederly@evolveum.com> Date: Thu, 4 Oct 2018 14:19:47 +0200 Subject: [PATCH 07/17] Update env vars and add volume (demo/complex) --- demo/complex/.env | 4 ---- demo/complex/docker-compose.yml | 6 +++--- 2 files changed, 3 insertions(+), 7 deletions(-) diff --git a/demo/complex/.env b/demo/complex/.env index d58a3c3..eccc9c9 100644 --- a/demo/complex/.env +++ b/demo/complex/.env @@ -1,6 +1,5 @@ AUTHENTICATION=internal ENV=demo -USERTOKEN= REPO_DATABASE_TYPE=mariadb REPO_JDBC_URL=default REPO_HOST=midpoint_data @@ -9,9 +8,6 @@ REPO_DATABASE=registry REPO_USER=registry_user REPO_MISSING_SCHEMA_ACTION=create REPO_UPGRADEABLE_SCHEMA_ACTION=stop -REPO_PASSWORD_FILE=/run/secrets/mp_database_password.txt -MP_KEYSTORE_PASSWORD_FILE=/run/secrets/mp_keystore_password.txt MP_MEM_MAX=2048m MP_MEM_INIT=1024m -LOGOUT_URL=https://localhost:8443/Shibboleth.sso/Logout SSO_HEADER=uid diff --git a/demo/complex/docker-compose.yml b/demo/complex/docker-compose.yml index aa9b0f9..7080c66 100644 --- a/demo/complex/docker-compose.yml +++ b/demo/complex/docker-compose.yml 
@@ -148,17 +148,14 @@ services: - REPO_PORT - REPO_DATABASE - REPO_USER - - REPO_PASSWORD_FILE - REPO_MISSING_SCHEMA_ACTION - REPO_UPGRADEABLE_SCHEMA_ACTION - REPO_SCHEMA_VERSION_IF_MISSING - REPO_SCHEMA_VARIANT - - MP_KEYSTORE_PASSWORD_FILE - MP_MEM_MAX - MP_MEM_INIT - MP_JAVA_OPTS - SSO_HEADER - - LOGOUT_URL - TIER_BEACON_OPT_OUT networks: - net @@ -207,6 +204,8 @@ services: - net ports: - 15672:15672 + volumes: + - mq:/var/lib/rabbitmq networks: net: @@ -246,3 +245,4 @@ volumes: midpoint_data: midpoint_mysql: midpoint_home: + mq: From 8ec4868f5e17663fecd046bf478e388503573f77 Mon Sep 17 00:00:00 2001 From: Pavol Mederly <mederly@evolveum.com> Date: Thu, 4 Oct 2018 14:20:00 +0200 Subject: [PATCH 08/17] Update README.md files --- README.md | 8 ++++---- demo/complex/README.md | 2 +- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/README.md b/README.md index a1813e9..4964c2b 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -[](https://jenkins.testbed.tier.internet2.edu/job/docker/job/midPoint_container/job/master/) +[](https://jenkins.testbed.tier.internet2.edu/job/docker/job/midPoint_container/job/3.9-SNAPSHOT-stable/) This repository contains sources for TIER-supported [midPoint](http://midpoint.evolveum.com) image. @@ -13,7 +13,8 @@ The image contains the midPoint application along with some TIER-specific compon - `demo` directory contains a couple of demonstration scenarios: - `simple` to show simple composition of midPoint with the repository, - `shibboleth` to show integration with Shibboleth IdP, - - `postgresql` to show how to change the repository implementation, + - `postgresql` to show how to use alternative dockerized repository, + - `extrepo` to show how to use external repository, - `complex` to demonstrate more complex deployment of midPoint in a sample university environment, featuring midPoint along with Grouper, LDAP directory, RabbitMQ, Shibboleth IdP, source and target systems. # Build instructions 
@@ -23,7 +24,6 @@ $ ./build.sh You can then continue with one of demo composition, e.g. simple or complex one. # Documentation -- For the `midpoint` image and container themselves please see [Dockerized midPoint](https://spaces.at.internet2.edu/display/MID/Dockerized+midPoint) wiki page. -- For the complex demo please see [midPoint - Grouper integration demo](https://spaces.at.internet2.edu/display/MID/midPoint+-+Grouper+integration+demo) wiki page. +Please see [Dockerized midPoint](https://spaces.at.internet2.edu/display/MID/Dockerized+midPoint) wiki page. This is a work in progress. For its current status please see [Status of the work](https://spaces.at.internet2.edu/display/MID/Status+of+the+work). diff --git a/demo/complex/README.md b/demo/complex/README.md index 7e24d42..9b7f0f6 100644 --- a/demo/complex/README.md +++ b/demo/complex/README.md @@ -6,4 +6,4 @@ $ ../../build.sh $ docker-compose up --build ``` -Please see a detailed description [here](https://spaces.at.internet2.edu/display/MID/midPoint+-+Grouper+integration+demo). +Please see a detailed description [here](https://spaces.at.internet2.edu/display/MID/Complex+midPoint+integration+demo). From e2d9df196162abb24174351fdfdce31f388ac6a1 Mon Sep 17 00:00:00 2001 From: Pavol Mederly <mederly@evolveum.com> Date: Fri, 5 Oct 2018 16:56:12 +0200 Subject: [PATCH 09/17] Modify image references to midpoint:3.9-SNAPSHOT-stable (instead of midpoint:latest) --- build.sh | 2 +- demo/complex/midpoint_server/Dockerfile | 2 +- demo/extrepo/docker-compose.yml | 2 +- demo/postgresql/docker-compose.yml | 2 +- demo/shibboleth/docker-compose.yml | 2 +- demo/simple/docker-compose.yml | 2 +- tests/main.bats | 2 +- 7 files changed, 7 insertions(+), 7 deletions(-) diff --git a/build.sh b/build.sh index 783e3bf..c609b49 100755 --- a/build.sh +++ b/build.sh 
@@ -10,7 +10,7 @@ while getopts "nh?" opt; do esac done if [ "$SKIP_DOWNLOAD" = "0" ]; then ./download-midpoint; fi -docker build --tag tier/midpoint:latest . +docker build --tag tier/midpoint:3.9-SNAPSHOT-stable . echo "---------------------------------------------------------------------------------------" echo "The midPoint containers were successfully built. To start them, execute the following:" echo "" diff --git a/demo/complex/midpoint_server/Dockerfile b/demo/complex/midpoint_server/Dockerfile index 49e5fb4..2ff8630 100644 --- a/demo/complex/midpoint_server/Dockerfile +++ b/demo/complex/midpoint_server/Dockerfile @@ -1,4 +1,4 @@ -FROM tier/midpoint +FROM tier/midpoint:3.9-SNAPSHOT-stable MAINTAINER info@evolveum.com diff --git a/demo/extrepo/docker-compose.yml b/demo/extrepo/docker-compose.yml index ae4ad6a..9b7336c 100644 --- a/demo/extrepo/docker-compose.yml +++ b/demo/extrepo/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.3" services: midpoint_server: - image: tier/midpoint:latest + image: tier/midpoint:3.9-SNAPSHOT-stable ports: - 8443:443 environment: diff --git a/demo/postgresql/docker-compose.yml b/demo/postgresql/docker-compose.yml index cfb4970..c6870f3 100644 --- a/demo/postgresql/docker-compose.yml +++ b/demo/postgresql/docker-compose.yml @@ -17,7 +17,7 @@ services: - midpoint_data:/var/lib/postgresql/data midpoint_server: - image: tier/midpoint:latest + image: tier/midpoint:3.9-SNAPSHOT-stable ports: - 8443:443 environment: diff --git a/demo/shibboleth/docker-compose.yml b/demo/shibboleth/docker-compose.yml index f1acebd..f68ccd3 100644 --- a/demo/shibboleth/docker-compose.yml +++ b/demo/shibboleth/docker-compose.yml @@ -15,7 +15,7 @@ services: - CREATE_NEW_DATABASE=if_needed midpoint_server: - image: tier/midpoint:latest + image: tier/midpoint:3.9-SNAPSHOT-stable ports: - 8443:443 environment: diff --git a/demo/simple/docker-compose.yml b/demo/simple/docker-compose.yml index c098dae..2440a0d 100644 --- a/demo/simple/docker-compose.yml 
+++ b/demo/simple/docker-compose.yml @@ -14,7 +14,7 @@ services: - CREATE_NEW_DATABASE=if_needed midpoint_server: - image: tier/midpoint:latest + image: tier/midpoint:3.9-SNAPSHOT-stable ports: - 8443:443 environment: diff --git a/tests/main.bats b/tests/main.bats index 36dc6c1..b262604 100755 --- a/tests/main.bats +++ b/tests/main.bats @@ -3,7 +3,7 @@ load ../common @test "010 Image is present" { - docker image inspect tier/midpoint:latest + docker image inspect tier/midpoint:3.9-SNAPSHOT-stable } @test "020 Check basic components" { From 68d0f46a524b99c18704d73db7eb002c5ee916dd Mon Sep 17 00:00:00 2001 From: Pavol Mederly <mederly@evolveum.com> Date: Fri, 5 Oct 2018 18:14:38 +0200 Subject: [PATCH 10/17] Fix Jenkins build for non-master branch (trying to) --- Jenkinsfile | 6 ++---- jenkins-rebuild.sh | 17 +++++++++++++++++ 2 files changed, 19 insertions(+), 4 deletions(-) create mode 100755 jenkins-rebuild.sh diff --git a/Jenkinsfile b/Jenkinsfile index c9c7ec1..5a2f10f 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -11,7 +11,7 @@ pipeline { script { maintainer = maintain() imagename = imagename() - if (env.BRANCH_NAME == "master" || env.BRANCH_NAME == "bats") { // temporary + if (env.BRANCH_NAME == "master") { tag = "latest" } else { tag = env.BRANCH_NAME @@ -34,10 +34,8 @@ pipeline { steps { script { try { - sh '(ls -l ; docker ps -a ; docker image ls ; echo Destroying ; bin/destroy.sh ; docker image ls) 2>&1 | tee debug' // temporary sh './download-midpoint 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' - sh 'bin/rebuild.sh 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' - //sh 'echo Build output ; cat debug' + sh './jenkins-rebuild.sh 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' // temporary } catch (error) { def error_details = readFile('./debug') def message = "BUILD ERROR: There was a problem building ${imagename}:${tag}. \n\n ${error_details}" diff --git a/jenkins-rebuild.sh b/jenkins-rebuild.sh new file mode 100755 index 0000000..5430852 
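Review bot: After this change nothing in the build `try` block truncates the `debug` file: the removed diagnostic line was the only one writing with `tee debug`, and both remaining steps append with `tee -a debug`. If the workspace is reused between runs (not visible here), `readFile('./debug')` in the `catch` branch will put output from earlier builds into the error message. Starting the block with a reset such as `sh ': > debug'` would keep the report limited to the current run. The enclosing `script` block begins and ends outside this hunk.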
--- /dev/null +++ b/jenkins-rebuild.sh @@ -0,0 +1,17 @@ +#!/bin/bash + +# Temporary workaround for docker/util not rebuilding the specific version of the image + +# from destroy.sh (adapted) + +result=$(docker ps -a | grep $maintainer/$imagename:$tag) + +if [ ! -z "$result" ]; then + docker rm -f $(docker ps -a | grep $maintainer/$imagename:$tag | awk '{print $1}') + docker rmi -f $maintainer/$imagename:$tag +fi + +# from build.sh (adapted) + +echo "Building new Docker image($maintainer/$imagename:$tag)" +docker build --rm -t $maintainer/$imagename:$tag --build-arg maintainer=$maintainer --build-arg imagename=$imagename . From ecc39efbca716aa14912b4a2a656ffe1f4e624c4 Mon Sep 17 00:00:00 2001 From: Pavol Mederly <mederly@evolveum.com> Date: Fri, 5 Oct 2018 18:47:59 +0200 Subject: [PATCH 11/17] Fix the branch-building workaround --- common.bash | 1 + jenkins-rebuild.sh | 12 +++++++----- 2 files changed, 8 insertions(+), 5 deletions(-) diff --git a/common.bash b/common.bash index 45039e1..159ddd2 100644 --- a/common.bash +++ b/common.bash @@ -1,2 +1,3 @@ maintainer="tier" imagename="midpoint" +version="3.9-SNAPSHOT-stable" diff --git a/jenkins-rebuild.sh b/jenkins-rebuild.sh index 5430852..6e778f0 100755 --- a/jenkins-rebuild.sh +++ b/jenkins-rebuild.sh 
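Review bot: The cleanup selects containers with `docker ps -a | grep $maintainer/$imagename:$tag`, an unanchored regex match over the whole listing, so it also hits other tags sharing the prefix and any row whose command column contains the string, and `docker rm -f` is then applied to every match. Filtering by image is narrower: `docker rm -f $(docker ps -aq --filter "ancestor=$maintainer/$imagename:$tag")`, guarded so it is skipped when the list is empty. The script also relies on `maintainer`, `imagename` and `tag` being present in its environment and expands them unquoted; a check such as `: "${tag:?}"` at the top would stop a run with empty values. The same grep-based selection is carried into the follow-up jenkins-rebuild.sh hunk and into the `r)` arm of build.sh later in the series.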
@@ -2,16 +2,18 @@ # Temporary workaround for docker/util not rebuilding the specific version of the image +source common.bash . + # from destroy.sh (adapted) -result=$(docker ps -a | grep $maintainer/$imagename:$tag) +result=$(docker ps -a | grep $maintainer/$imagename:$version) if [ ! -z "$result" ]; then - docker rm -f $(docker ps -a | grep $maintainer/$imagename:$tag | awk '{print $1}') - docker rmi -f $maintainer/$imagename:$tag + docker rm -f $(docker ps -a | grep $maintainer/$imagename:$version | awk '{print $1}') + docker rmi -f $maintainer/$imagename:$version fi # from build.sh (adapted) -echo "Building new Docker image($maintainer/$imagename:$tag)" -docker build --rm -t $maintainer/$imagename:$tag --build-arg maintainer=$maintainer --build-arg imagename=$imagename . +echo "Building new Docker image($maintainer/$imagename:$version)" +docker build --rm -t $maintainer/$imagename:$version --build-arg maintainer=$maintainer --build-arg imagename=$imagename --build-arg version=$version . From 7de06ccc74f18e2044ff6737744e6db481a7ddae Mon Sep 17 00:00:00 2001 From: Pavol Mederly <mederly@evolveum.com> Date: Sat, 6 Oct 2018 09:14:59 +0200 Subject: [PATCH 12/17] Apply the latest version of build scripts (copied from master to this branch) --- Dockerfile | 6 +++--- Jenkinsfile | 13 ++++++++----- build.sh | 31 +++++++++++++++++++++++++------ common.bash | 2 +- download-midpoint | 19 ++++++++++++++----- jenkins-rebuild.sh | 19 ------------------- tests/main.bats | 4 ++-- 7 files changed, 53 insertions(+), 41 deletions(-) delete mode 100755 jenkins-rebuild.sh diff --git a/Dockerfile b/Dockerfile index f1476a5..7a76f7a 100644 --- a/Dockerfile +++ b/Dockerfile @@ -1,5 +1,5 @@ # -# Building assumes midpoint-3.9-SNAPSHOT-dist.tar.gz is present in the current directory. +# Building assumes midpoint-dist.tar.gz is present in the current directory. # FROM tier/shibboleth_sp 
@@ -50,7 +50,7 @@ RUN cp /dev/null /etc/httpd/conf.d/ssl.conf \ # Build arguments ARG MP_VERSION=3.9-SNAPSHOT -ARG MP_DIST_FILE=midpoint-${MP_VERSION}-dist.tar.gz +ARG MP_DIST_FILE=midpoint-dist.tar.gz ENV MP_DIR /opt/midpoint @@ -60,7 +60,7 @@ COPY ${MP_DIST_FILE} ${MP_DIR} COPY container_files/mp-dir/ ${MP_DIR}/ RUN echo 'Extracting midPoint archive...' \ - && tar xzf ${MP_DIR}/midpoint-${MP_VERSION}-dist.tar.gz -C ${MP_DIR} --strip-components=1 + && tar xzf ${MP_DIR}/${MP_DIST_FILE} -C ${MP_DIR} --strip-components=1 VOLUME ${MP_DIR}/var diff --git a/Jenkinsfile b/Jenkinsfile index 5a2f10f..cef7264 100644 --- a/Jenkinsfile +++ b/Jenkinsfile @@ -27,6 +27,9 @@ pipeline { sh 'ls' sh 'mv bin/* ../bin/.' } + // Build and test scripts expect that 'tag' is present in common.bash. This is necessary for both Jenkins and standalone testing. + // We don't care if there are more 'tag' assignments there. The latest one wins. + sh "echo >> common.bash ; echo \"tag=\\\"${tag}\\\"\" >> common.bash ; echo common.bash ; cat common.bash" } } } @@ -34,8 +37,8 @@ pipeline { steps { script { try { - sh './download-midpoint 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' - sh './jenkins-rebuild.sh 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' // temporary + // using custom ./build.sh instead of bin/rebuild.sh because the bin/ version does not support building specific tag yet + sh './build.sh -r 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' } catch (error) { def error_details = readFile('./debug') def message = "BUILD ERROR: There was a problem building ${imagename}:${tag}. \n\n ${error_details}" 
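Review bot: The added `sh "echo >> common.bash ; echo \"tag=…\" >> common.bash ; …"` step in the Jenkinsfile interpolates `tag` in Groovy before the shell sees it, and for every branch other than master `tag` is `env.BRANCH_NAME`. A branch name containing shell metacharacters is therefore interpreted by this step and again each time `common.bash` is sourced by build.sh, download-midpoint or the bats tests. I would validate the value against the characters a Docker tag allows and hand it to a single-quoted `sh` step through the environment, as sketched below. The surrounding `script` block begins and ends outside this hunk.

```groovy
// … unchanged: bin/ checkout and move …
// Build and test scripts expect that 'tag' is present in common.bash.
if (!(tag ==~ /[A-Za-z0-9_][A-Za-z0-9_.-]*/)) {
    error("Unsupported image tag derived from branch name: ${tag}")
}
withEnv(["IMAGE_TAG=${tag}"]) {
    // single-quoted: Groovy does not interpolate, the shell reads $IMAGE_TAG
    sh 'printf \'\\ntag="%s"\\n\' "$IMAGE_TAG" >> common.bash ; cat common.bash'
}
```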
@@ -54,9 +57,9 @@ pipeline { sh 'echo Docker containers before compositions tests ; docker ps -a' // temporary sh '(cd demo/simple ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' - sh '(cd demo/shibboleth ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' - sh '(cd demo/postgresql ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' - sh '(cd demo/complex ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' + //sh '(cd demo/shibboleth ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' + //sh '(cd demo/postgresql ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' + //sh '(cd demo/complex ; bats tests ) 2>&1 | tee -a debug ; test ${PIPESTATUS[0]} -eq 0' } catch (error) { def error_details = readFile('./debug') def message = "BUILD ERROR: There was a problem testing ${imagename}:${tag}. \n\n ${error_details}" diff --git a/build.sh b/build.sh index c609b49..cb5d55c 100755 --- a/build.sh +++ b/build.sh 
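Review bot: The shibboleth, postgresql and complex composition suites are disabled by commenting out their `sh` lines with no explanation, so the stage now reports success after running only `demo/simple`. If this is temporary, a comment such as `// TODO: re-enable once these compositions build against the branch tag` keeps the gap visible; otherwise removing the lines is cleaner than leaving dead code. The enclosing `script` block begins before and ends after this hunk.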
@@ -1,16 +1,35 @@ #!/bin/bash cd "$(dirname "$0")" +source common.bash + SKIP_DOWNLOAD=0 -while getopts "nh?" opt; do +while getopts "nhr?" opt; do case $opt in - n) SKIP_DOWNLOAD=1 ;; - h | ?) echo "Options: -n skip download" ; exit 0 ;; - *) echo "Unknown option: $opt" ; exit 1 ;; + n) + SKIP_DOWNLOAD=1 + ;; + r) + result=$(docker ps -a | grep $maintainer/$imagename:$tag) + if [ ! -z "$result" ]; then + echo "Cleaning up $maintainer/$imagename:$tag..." + docker rm -f $(docker ps -a | grep $maintainer/$imagename:$tag | awk '{print $1}') + docker rmi -f $maintainer/$imagename:$tag + echo "Done" + fi + ;; + h | ?) + echo "Options: -n skip download" + exit 0 + ;; + *) + echo "Unknown option: $opt" + exit 1 + ;; esac done -if [ "$SKIP_DOWNLOAD" = "0" ]; then ./download-midpoint; fi -docker build --tag tier/midpoint:3.9-SNAPSHOT-stable . +if [ "$SKIP_DOWNLOAD" = "0" ]; then ./download-midpoint || exit 1; fi +docker build --tag $maintainer/$imagename:$tag --build-arg maintainer=$maintainer --build-arg imagename=$imagename . || exit 1 echo "---------------------------------------------------------------------------------------" echo "The midPoint containers were successfully built. To start them, execute the following:" echo "" diff --git a/common.bash b/common.bash index 159ddd2..3e3351b 100644 --- a/common.bash +++ b/common.bash @@ -1,3 +1,3 @@ maintainer="tier" imagename="midpoint" -version="3.9-SNAPSHOT-stable" +tag="3.9-SNAPSHOT-stable" diff --git a/download-midpoint b/download-midpoint index b00f1c1..a803f95 100755 --- a/download-midpoint +++ b/download-midpoint 
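Review bot: The `r)` arm removes the containers and the image while options are still being parsed, so the destructive step runs before later options are seen; `./build.sh -r -h` deletes the image and then prints the help and exits. Recording the request in the loop (`r) REFRESH=1 ;;`) and running the cleanup after `done`, next to the `SKIP_DOWNLOAD` check, keeps option parsing free of side effects. The expansions of `$maintainer/$imagename:$tag` in the cleanup and in `docker build` are unquoted; quoting them avoids word splitting if `common.bash` ever carries an unexpected value.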
@@ -1,16 +1,25 @@ #!/bin/bash -dir=`dirname "$0"` -echo "Downloading midPoint 3.9-SNAPSHOT" +DIR=`dirname "$0"` +source $DIR/common.bash +if [[ -n "$1" ]]; then + MP_VERSION=$1 +else + if [[ $tag == "latest" ]]; then + MP_VERSION=3.9-SNAPSHOT + else + MP_VERSION=$tag + fi +fi +echo "Downloading midPoint $MP_VERSION" echo "-----------------------------------------" -curl --output $dir/midpoint-3.9-SNAPSHOT-dist.tar.gz "https://evolveum.com/downloads/midpoint-tier/midpoint-3.9-SNAPSHOT-stable-dist.tar.gz" +curl --output $DIR/midpoint-dist.tar.gz "https://evolveum.com/downloads/midpoint-tier/midpoint-$MP_VERSION-dist.tar.gz" echo "-----------------------------------------" echo "Checking the download..." -if tar -tf $dir/midpoint-3.9-SNAPSHOT-dist.tar.gz >/dev/null; then +if tar -tf $DIR/midpoint-dist.tar.gz >/dev/null; then echo "OK" exit 0 else echo "The file was not downloaded correctly" exit 1 fi - diff --git a/jenkins-rebuild.sh b/jenkins-rebuild.sh deleted file mode 100755 index 6e778f0..0000000 --- a/jenkins-rebuild.sh +++ /dev/null @@ -1,19 +0,0 @@ -#!/bin/bash - -# Temporary workaround for docker/util not rebuilding the specific version of the image - -source common.bash . - -# from destroy.sh (adapted) - -result=$(docker ps -a | grep $maintainer/$imagename:$version) - -if [ ! -z "$result" ]; then - docker rm -f $(docker ps -a | grep $maintainer/$imagename:$version | awk '{print $1}') - docker rmi -f $maintainer/$imagename:$version -fi - -# from build.sh (adapted) - -echo "Building new Docker image($maintainer/$imagename:$version)" -docker build --rm -t $maintainer/$imagename:$version --build-arg maintainer=$maintainer --build-arg imagename=$imagename --build-arg version=$version . diff --git a/tests/main.bats b/tests/main.bats index b262604..7d7f2c7 100755 --- a/tests/main.bats +++ b/tests/main.bats 
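Review bot: The only validation of the downloaded archive is `tar -tf`, which shows that the file is a readable tarball but not that it is the artifact the project published, and this file is what the Dockerfile copies into the image. `curl` is also called without `--fail`, so an HTTP error page is saved as `midpoint-dist.tar.gz` and only caught indirectly by the tar check. I would use `curl --fail --output "$DIR/midpoint-dist.tar.gz" …` and, at least for released versions, compare the file against a pinned digest, e.g. `echo "<expected-sha256>  $DIR/midpoint-dist.tar.gz" | sha256sum -c -`; whether upstream publishes checksums or signatures for the TIER builds is not visible here. `$DIR` is unquoted in the `source`, `curl` and `tar` lines, which breaks when the checkout path contains spaces. The later download-midpoint hunk that introduces `URL_BASE` keeps the same `curl` call.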
@@ -3,11 +3,11 @@ load ../common @test "010 Image is present" { - docker image inspect tier/midpoint:3.9-SNAPSHOT-stable + docker image inspect tier/midpoint:$tag } @test "020 Check basic components" { - docker run -i $maintainer/$imagename \ + docker run -i $maintainer/$imagename:$tag \ find \ /usr/local/bin/startup.sh \ /opt/midpoint/var/ \ From ca0547a59cbf19aec9be2894106e83c011d32b10 Mon Sep 17 00:00:00 2001 From: Pavol Mederly <mederly@evolveum.com> Date: Tue, 6 Nov 2018 16:55:12 +0100 Subject: [PATCH 13/17] Fix docker image tags --- demo/postgresql/docker-compose-tests.yml | 2 +- demo/shibboleth/docker-compose-tests.yml | 2 +- 2 files changed, 2 insertions(+), 2 deletions(-) diff --git a/demo/postgresql/docker-compose-tests.yml b/demo/postgresql/docker-compose-tests.yml index d71ea16..5a7d85c 100644 --- a/demo/postgresql/docker-compose-tests.yml +++ b/demo/postgresql/docker-compose-tests.yml @@ -20,7 +20,7 @@ services: - midpoint_data:/var/lib/postgresql/data midpoint_server: - image: tier/midpoint:latest + image: tier/midpoint:3.9-SNAPSHOT-stable ports: - 8443:443 environment: diff --git a/demo/shibboleth/docker-compose-tests.yml b/demo/shibboleth/docker-compose-tests.yml index 7dff130..390a7c0 100644 --- a/demo/shibboleth/docker-compose-tests.yml +++ b/demo/shibboleth/docker-compose-tests.yml @@ -18,7 +18,7 @@ services: - CREATE_NEW_DATABASE=if_needed midpoint_server: - image: tier/midpoint:latest + image: tier/midpoint:3.9-SNAPSHOT-stable ports: - 8443:443 environment: From a56b3e5782196229454f8d707c2d5041cf6bd087 Mon Sep 17 00:00:00 2001 From: Pavol Mederly <mederly@evolveum.com> Date: Mon, 12 Nov 2018 12:01:24 +0100 Subject: [PATCH 14/17] Adapt download and Dockerfile to 3.9 release There's no need to fetch 3.9-SNAPSHOT any more. Also the download directory for released versions was changed. --- Dockerfile | 2 +- download-midpoint | 13 ++++++++++--- 2 files changed, 11 insertions(+), 4 deletions(-) 
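Review bot: The first test still hard-codes the repository as `tier/midpoint:$tag` while the second one now uses `$maintainer/$imagename:$tag`, so the two checks diverge as soon as `common.bash` names a different image. Using `docker image inspect "$maintainer/$imagename:$tag"` keeps them consistent, and quoting the reference in both tests is the safer habit. The body of test 020 continues past the end of this hunk.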
diff --git a/Dockerfile b/Dockerfile index 7a76f7a..cb52405 100644 --- a/Dockerfile +++ b/Dockerfile @@ -49,7 +49,7 @@ RUN cp /dev/null /etc/httpd/conf.d/ssl.conf \ # Build arguments -ARG MP_VERSION=3.9-SNAPSHOT +ARG MP_VERSION=3.9 ARG MP_DIST_FILE=midpoint-dist.tar.gz ENV MP_DIR /opt/midpoint diff --git a/download-midpoint b/download-midpoint index a803f95..fef64fe 100755 --- a/download-midpoint +++ b/download-midpoint @@ -6,14 +6,21 @@ if [[ -n "$1" ]]; then MP_VERSION=$1 else if [[ $tag == "latest" ]]; then - MP_VERSION=3.9-SNAPSHOT + MP_VERSION=3.9 else MP_VERSION=$tag fi fi -echo "Downloading midPoint $MP_VERSION" + +if [[ $MP_VERSION =~ ^[0-9]+\.[0-9]+$ ]]; then + URL_BASE="https://evolveum.com/downloads/midpoint/$MP_VERSION/" +else + URL_BASE="https://evolveum.com/downloads/midpoint-tier/" +fi + +echo "Downloading midPoint $MP_VERSION from $URL_BASE" echo "-----------------------------------------" -curl --output $DIR/midpoint-dist.tar.gz "https://evolveum.com/downloads/midpoint-tier/midpoint-$MP_VERSION-dist.tar.gz" +curl --output $DIR/midpoint-dist.tar.gz "$URL_BASE/midpoint-$MP_VERSION-dist.tar.gz" echo "-----------------------------------------" echo "Checking the download..." if tar -tf $DIR/midpoint-dist.tar.gz >/dev/null; then From 7f5767b1c2296de0836467669b968e57a04aaefa Mon Sep 17 00:00:00 2001 From: Pavol Mederly <mederly@evolveum.com> Date: Mon, 12 Nov 2018 12:03:38 +0100 Subject: [PATCH 15/17] Fix help text in build.sh script --- build.sh | 1 + 1 file changed, 1 insertion(+) diff --git a/build.sh b/build.sh index bd05bf8..bdc8393 100755 --- a/build.sh +++ b/build.sh @@ -23,6 +23,7 @@ while getopts "nhr?" opt; do ;; h | ?) echo "Options: -n skip download" + echo " -r refresh mode: uses --no-cache --pull and removes container and image before build" exit 0 ;; *) From b1dd605c8e792641e34b5960a81c55e4e37a145d Mon Sep 17 00:00:00 2001 
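Review bot: In the download-midpoint hunk both `URL_BASE` values end in `/` and the `curl` line joins them with another `/`, so the request goes to `…//midpoint-$MP_VERSION-dist.tar.gz`; dropping the trailing slash from the two assignments gives a clean URL. `MP_VERSION` can come straight from `$1` and the regex only selects the directory, so a value with characters outside `[A-Za-z0-9._-]` reaches the URL unchecked; rejecting such values before the `curl` call would be a cheap guard.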
From: Pavol Mederly <mederly@evolveum.com> Date: Mon, 12 Nov 2018 12:04:24 +0100 Subject: [PATCH 16/17] Change references from 3.9-SNAPSHOT-stable to 3.9 --- README.md | 2 +- common.bash | 2 +- demo/complex/midpoint_server/Dockerfile | 2 +- demo/extrepo/docker-compose.yml | 2 +- demo/postgresql/docker-compose-tests.yml | 2 +- demo/postgresql/docker-compose.yml | 2 +- demo/shibboleth/docker-compose-tests.yml | 2 +- demo/shibboleth/docker-compose.yml | 2 +- demo/simple/docker-compose.yml | 2 +- 9 files changed, 9 insertions(+), 9 deletions(-) diff --git a/README.md b/README.md index 7dc0d33..6b0ac2f 100644 --- a/README.md +++ b/README.md @@ -1,4 +1,4 @@ -[](https://jenkins.testbed.tier.internet2.edu/job/docker/job/midPoint_container/job/3.9-SNAPSHOT-stable/) +[](https://jenkins.testbed.tier.internet2.edu/job/docker/job/midPoint_container/job/3.9/) This repository contains sources for TIER-supported [midPoint](http://midpoint.evolveum.com) image. diff --git a/common.bash b/common.bash index 3e3351b..58004bc 100644 --- a/common.bash +++ b/common.bash @@ -1,3 +1,3 @@ maintainer="tier" imagename="midpoint" -tag="3.9-SNAPSHOT-stable" +tag="3.9" diff --git a/demo/complex/midpoint_server/Dockerfile b/demo/complex/midpoint_server/Dockerfile index 2ff8630..20d6b2c 100644 --- a/demo/complex/midpoint_server/Dockerfile +++ b/demo/complex/midpoint_server/Dockerfile @@ -1,4 +1,4 @@ -FROM tier/midpoint:3.9-SNAPSHOT-stable +FROM tier/midpoint:3.9 MAINTAINER info@evolveum.com diff --git a/demo/extrepo/docker-compose.yml b/demo/extrepo/docker-compose.yml index 9b7336c..45e4c6c 100644 --- a/demo/extrepo/docker-compose.yml +++ b/demo/extrepo/docker-compose.yml @@ -2,7 +2,7 @@ version: "3.3" services: midpoint_server: - image: tier/midpoint:3.9-SNAPSHOT-stable + image: tier/midpoint:3.9 ports: - 8443:443 environment: diff --git a/demo/postgresql/docker-compose-tests.yml b/demo/postgresql/docker-compose-tests.yml index 5a7d85c..3f65701 100644 --- a/demo/postgresql/docker-compose-tests.yml 
+++ b/demo/postgresql/docker-compose-tests.yml @@ -20,7 +20,7 @@ services: - midpoint_data:/var/lib/postgresql/data midpoint_server: - image: tier/midpoint:3.9-SNAPSHOT-stable + image: tier/midpoint:3.9 ports: - 8443:443 environment: diff --git a/demo/postgresql/docker-compose.yml b/demo/postgresql/docker-compose.yml index c6870f3..f4d9a7c 100644 --- a/demo/postgresql/docker-compose.yml +++ b/demo/postgresql/docker-compose.yml @@ -17,7 +17,7 @@ services: - midpoint_data:/var/lib/postgresql/data midpoint_server: - image: tier/midpoint:3.9-SNAPSHOT-stable + image: tier/midpoint:3.9 ports: - 8443:443 environment: diff --git a/demo/shibboleth/docker-compose-tests.yml b/demo/shibboleth/docker-compose-tests.yml index 390a7c0..b6754ea 100644 --- a/demo/shibboleth/docker-compose-tests.yml +++ b/demo/shibboleth/docker-compose-tests.yml @@ -18,7 +18,7 @@ services: - CREATE_NEW_DATABASE=if_needed midpoint_server: - image: tier/midpoint:3.9-SNAPSHOT-stable + image: tier/midpoint:3.9 ports: - 8443:443 environment: diff --git a/demo/shibboleth/docker-compose.yml b/demo/shibboleth/docker-compose.yml index 8fcbf98..f084d31 100644 --- a/demo/shibboleth/docker-compose.yml +++ b/demo/shibboleth/docker-compose.yml @@ -15,7 +15,7 @@ services: - CREATE_NEW_DATABASE=if_needed midpoint_server: - image: tier/midpoint:3.9-SNAPSHOT-stable + image: tier/midpoint:3.9 ports: - 8443:443 environment: diff --git a/demo/simple/docker-compose.yml b/demo/simple/docker-compose.yml index 2440a0d..aad428e 100644 --- a/demo/simple/docker-compose.yml +++ b/demo/simple/docker-compose.yml @@ -14,7 +14,7 @@ services: - CREATE_NEW_DATABASE=if_needed midpoint_server: - image: tier/midpoint:3.9-SNAPSHOT-stable + image: tier/midpoint:3.9 ports: - 8443:443 environment: From b4d897b3afd6c9cd8301de3aaf8f39b22d7b1af9 Mon Sep 17 00:00:00 2001 
From: Pavol Mederly <mederly@evolveum.com> Date: Mon, 12 Nov 2018 12:45:49 +0100 Subject: [PATCH 17/17] Fix demo/complex tests Sometimes we are trying to pull an image that is not pushed yet. --- demo/complex/tests/main.bats | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/demo/complex/tests/main.bats b/demo/complex/tests/main.bats index 5fa8197..08754c0 100755 --- a/demo/complex/tests/main.bats +++ b/demo/complex/tests/main.bats @@ -14,7 +14,9 @@ load ../../../library # We want to fail cleanly if there's any interference docker ps ! (docker ps | grep -E "shibboleth_(idp|directory)_1|(complex|simple|shibboleth|postgresql)_(midpoint_server|midpoint_data)_1") - docker-compose build --pull + docker-compose build --pull grouper_daemon grouper_ui grouper_data directory sources targets midpoint_data idp mq + # Sometimes the tier/midpoint:xyz is not yet in the repository, causing issues with --pull + docker-compose build midpoint_server docker-compose up -d }
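Review bot: Building `midpoint_server` without `--pull` means its base image is whatever `tier/midpoint` tag is already in the local cache, so on a long-lived build agent the complex demo can be tested against a stale base with no sign of it in the output. The comment could state the dependency explicitly, for example `# midpoint_server builds on the locally built tier/midpoint image; build.sh must have run first`. The hard-coded service list on the `--pull` line also has to be kept in step with docker-compose.yml by hand, which deserves a short comment of its own. The test body appears to begin before this hunk.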